In PHP versions 8.2.* before 8.2.32, 8.3.* before 8.3.32, 8.4.* before 8.4.23, 8.5.* before 8.5.8, the AES-WRAP-PAD algorithm implementation in OpenSSL extension contains a buffer allocation flaw. The output buffer for the AES key-wrap-with-padding operation is sized from the plaintext length without accounting for RFC 5649 expansion. This may cause OpenSSL to write beyond allocated memory, corrupting heap metadata and triggering application abort.
History

Mon, 06 Jul 2026 15:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Fri, 03 Jul 2026 22:45:00 +0000

Type Values Removed Values Added
First Time appeared Php
Php php
Vendors & Products Php
Php php

Fri, 03 Jul 2026 21:15:00 +0000

Type Values Removed Values Added
Description In PHP versions 8.2.* before 8.2.32, 8.3.* before 8.3.32, 8.4.* before 8.4.23, 8.5.* before 8.5.8, the AES-WRAP-PAD algorithm implementation in OpenSSL extension contains a buffer allocation flaw. The output buffer for the AES key-wrap-with-padding operation is sized from the plaintext length without accounting for RFC 5649 expansion. This may cause OpenSSL to write beyond allocated memory, corrupting heap metadata and triggering application abort.
Title ext/openssl: Memory corruption in openssl_encrypt with AES-WRAP-PAD
Weaknesses CWE-122
References
Metrics cvssV3_1

{'score': 5.6, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L'}


cve-icon MITRE

Status: PUBLISHED

Assigner: php

Published: 2026-07-03T20:57:31.958Z

Updated: 2026-07-06T13:57:58.387Z

Reserved: 2026-07-01T17:52:41.706Z

Link: CVE-2026-14355

cve-icon Vulnrichment

Updated: 2026-07-04T15:25:16.999Z

cve-icon NVD

No data.

cve-icon Redhat

No data.